SecurityAccessManager (deegree framework 2.3)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

deegree 2.3 (2010/04/09 10:10 build-4-official)

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.deegree.security.drm
Class SecurityAccessManager

java.lang.Object
  org.deegree.security.drm.SecurityAccessManager

public class SecurityAccessManager
extends Object
extends Object

This singleton manages access to the data stored in an associated SecurityRegistry -instance.

In order to use methods that read from the registry, a SecurityAccess instance has to be acquired first:

Example Code:

 SecurityAccess access = SecurityAccessManager.getInstance();

 ReadToken accessToken = access.acquireReadToken();

 Role role = access.getRoleById( accessToken, 1 );

If write access is needed as well, one has to acquire the exclusive SecurityTransaction. This is only possible if the User has the "write"-privilege.

Example Code:

   SecurityAccess access = SecurityAccess.getInstance ();
   SecurityTransaction lock = access.acquireSecurityTransaction (user);
   access.registerUser (lock, "TESTUSER");
   ...
   access.commitTransaction (lock);
   // after committing changes are made persistent

Version:: $Revision: 18195 $, $Date:26.03.2007$
Author:: Markus Schneider , last edited by: $Author:wanhoff$

Method Summary
`void`	`abortTransaction(SecurityTransaction lock)` Aborts the current transaction and undoes all changes made to the `Registry`.
`SecurityAccess`	`acquireAccess(User user)` Tries to acquire a `SecurityAccess` -instance.
`SecurityTransaction`	`acquireTransaction(User user)` Tries to acquire the `SecurityTransaction` for the given `User`.
`void`	`commitTransaction(SecurityTransaction transaction)` Ends the current transaction and commits all changes to the `Registry`.
`static SecurityAccessManager`	`getInstance()` Returns the only instance of this class.
`User`	`getUserByName(String name)` This method is only to be used to get an initial `User` object.
`static void`	`initialize(String registryClassName, Properties registryProperties, long timeout)` Initializes the `SecurityAccessManager` -singleton with the given `Registry` -instance.
`static boolean`	`isInitialized()`
`(package private) void`	`verify(SecurityTransaction transaction)` Verifies that the submitted `Transaction` is valid.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Method Detail

initialize

public static void initialize(String registryClassName,
                              Properties registryProperties,
                              long timeout)
                       throws GeneralSecurityException

Initializes the SecurityAccessManager -singleton with the given Registry -instance.

Parameters:: registryClassName -; registryProperties -; timeout -
Throws:: GeneralSecurityException

isInitialized

public static boolean isInitialized()

Returns:: true if there is an instance

getInstance

public static SecurityAccessManager getInstance()
                                         throws GeneralSecurityException

Returns the only instance of this class.

Returns:: the only instance of this class.
Throws:: GeneralSecurityException

getUserByName

public User getUserByName(String name)
                   throws GeneralSecurityException

This method is only to be used to get an initial User object. (Otherwise one would need a User to perform a User lookup.)

Parameters:: name -
Returns:: the user
Throws:: GeneralSecurityException

acquireAccess

public SecurityAccess acquireAccess(User user)
                             throws GeneralSecurityException,
                                    UnauthorizedException

Tries to acquire a SecurityAccess -instance.

Parameters:: user -
Returns:: the instance
Throws:: GeneralSecurityException; UnauthorizedException

acquireTransaction

public SecurityTransaction acquireTransaction(User user)
                                       throws GeneralSecurityException,
                                              UnauthorizedException

Tries to acquire the SecurityTransaction for the given User. Only possibly for User s that have the "modify"-privilege.

NOTE: The implementation checks if the currentTransaction timed out BEFORE it checks if the user is allowed to write to the registry at all. This is because some JDBC-drivers (at least the JDBC-ODBC- bridge together with Microsoft Access (tm)) have been observed to return strange results sometimes when there's a transaction still going on (so that the privileges of the user cannot be retrieved reliably from the registry).

Parameters:: user -
Returns:: the transaction
Throws:: GeneralSecurityException; UnauthorizedException

verify

void verify(SecurityTransaction transaction)
      throws ReadWriteLockInvalidException

Verifies that the submitted Transaction is valid. There are two ways for it to become invalid:

it is too old (and timed out)
it ended (has been aborted / committed)

Parameters:: transaction -
Throws:: ReadWriteLockInvalidException; GeneralSecurityException - if transaction is invalid

commitTransaction

public void commitTransaction(SecurityTransaction transaction)
                       throws GeneralSecurityException

Ends the current transaction and commits all changes to the Registry.

Parameters:: transaction -
Throws:: GeneralSecurityException

abortTransaction

public void abortTransaction(SecurityTransaction lock)
                      throws GeneralSecurityException

Aborts the current transaction and undoes all changes made to the Registry.

Parameters:: lock -
Throws:: GeneralSecurityException